[tor-talk] I've yet to understand <clock skew> attacks on hidden services

Robert Ransom rransom.8774 at gmail.com
Tue Sep 6 15:12:52 UTC 2011

On 2011-08-20, hikki at safe-mail.net <hikki at safe-mail.net> wrote:
> I've read a lot about it, but I'm hoping for a simplified explanation for a
> simplified guy. ;)
> If my hidden service server has a clock that is 5 minutes wrong, how can
> anyone use that to locate me?

They can only use that to locate your server if they can either
connect to it directly (not through Tor) or accept a non-Torified
connection from it, and determine what your server thinks is the
current time based on information it receives on that connection.

The obvious ways that your server could leak its current time include
running a web server and sending e-mail messages.  The less obvious
ways include opening an outbound TLS connection and running a cron job
with externally observable effects (e.g. an automatic update

Robert Ransom

More information about the tor-talk mailing list